I am using a library for security functions; it allows me to create a custom java.security.Provider, KeyManagerFactory and TrustManagerFactory with specific TLS cipher suites, algorithms, keys and trust storage formats. Normally Netty allows me to configure the sslContext like below to get things working. Is there a way to configure the Netty used by the Vert.x library layer?
```kotlin
val nettyProvider = SslProvider.JDK
val (keyManagerFactory, trustManagerFactory) = loadKeyCertStuff()
val customJcaProvider: java.security.Provider = CustomTlsProvider()
return SslContextBuilder.forClient()
    .sslProvider(nettyProvider)
    .keyManager(keyManagerFactory.keyManagers[0])
    .trustManager(trustManagerFactory.trustManagers[0])
    .sslContextProvider(customJcaProvider)
    .ciphers(listOf("TLS_CIPHER_2012"))
    .build()
```
It looks like this configuration option is not taken into account in the API of the Vert.x library: it allows setting a custom KeyManagerFactory and TrustManagerFactory, but there is no way to set a java.security.Provider.
It is possible since Vert.x 4.3.4, PR #4468
In a few words, you need to create an `SslContextFactory`. Here's what it looks like for a TCP client:
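An added Kotlin example of this approach (not the answerer's code and not code from the Vert.x project): a factory that builds the Netty context with the custom JCA provider from the question and refuses to fall back to the JVM default trust store. The names `ProviderPinnedFactory`, `ProviderPinnedEngineOptions` and `clientOptions` are hypothetical, and the `SslContextFactory` / `SSLEngineOptions` method names are assumed from the Vert.x 4.3.x API, so check them against the version in use.

```kotlin
import io.netty.handler.ssl.SslContext
import io.netty.handler.ssl.SslContextBuilder
import io.netty.handler.ssl.SslProvider
import io.vertx.core.net.NetClientOptions
import io.vertx.core.net.SSLEngineOptions
import io.vertx.core.spi.tls.SslContextFactory
import java.security.Provider
import javax.net.ssl.KeyManagerFactory
import javax.net.ssl.TrustManagerFactory

// Assumption: callback names as in Vert.x 4.3.x; "keyMananagerFactory" is
// believed to be the interface's own (misspelt) method name there.
class ProviderPinnedFactory(private val jca: Provider) : SslContextFactory {
    private var kmf: KeyManagerFactory? = null
    private var tmf: TrustManagerFactory? = null
    private var suites: Set<String> = emptySet()

    // Vert.x hands over the material derived from the client options.
    override fun keyMananagerFactory(kmf: KeyManagerFactory?) = apply { this.kmf = kmf }
    override fun trustManagerFactory(tmf: TrustManagerFactory?) = apply { this.tmf = tmf }
    override fun enabledCipherSuites(s: Set<String>?) = apply { suites = s ?: emptySet() }

    override fun create(): SslContext {
        // Fail closed: with no TrustManagerFactory, Netty would use the JVM
        // default trust store instead of the custom one.
        val trust = requireNotNull(tmf) { "no TrustManagerFactory configured" }
        val builder = SslContextBuilder.forClient()
            .sslProvider(SslProvider.JDK)      // JDK engine, as in the question
            .sslContextProvider(jca)           // the custom java.security.Provider
            .trustManager(trust)
        kmf?.let { builder.keyManager(it) }    // client certificate is optional
        if (suites.isNotEmpty()) builder.ciphers(suites)
        return builder.build()
    }
}

// Engine options whose only job is to supply the factory above.
class ProviderPinnedEngineOptions(private val jca: Provider) : SSLEngineOptions() {
    override fun sslContextFactory(): SslContextFactory = ProviderPinnedFactory(jca)
    override fun copy(): SSLEngineOptions = ProviderPinnedEngineOptions(jca)
}

// TCP client options wired to the custom provider.
fun clientOptions(jca: Provider): NetClientOptions =
    NetClientOptions().setSsl(true).setSslEngineOptions(ProviderPinnedEngineOptions(jca))
```

Key and trust material still has to be supplied through the client's usual key/trust options, and the restricted suite list through its enabled cipher suites, so that Vert.x passes them to the factory callbacks.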